Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f657fc9-6a6d-4bf2-a08b-37e54c16a3df.roa
File: 6f657fc9-6a6d-4bf2-a08b-37e54c16a3df.roa (raw, json)
Hash identifier: ckBhyCGZgJN5Jh4q9XgFCvIAodHthQurRtnilYiJdqs=
Subject key identifier: 3F:3B:49:C3:D4:01:2B:2A:AC:8C:03:F3:37:48:C8:D4:71:FC:21:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D773C0414B0CDCFABA79E47C729903B102242FF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f657fc9-6a6d-4bf2-a08b-37e54c16a3df.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:6000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:77:3c:04:14:b0:cd:cf:ab:a7:9e:47:c7:29:90:3b:10:22:42:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=d94916a835092af8101419e947b2161c72a88d350dc4b75709fa2f3137711f7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3c:74:83:2a:30:e4:0e:88:5f:2e:01:f0:7c:
f6:3a:18:37:95:9c:9f:bf:8a:5d:73:5e:cc:9a:17:
81:e7:95:44:50:95:de:59:eb:e5:bd:57:c8:f2:82:
b0:75:97:ed:3e:b1:dc:5a:c1:02:66:39:04:a1:85:
89:c6:09:5e:40:68:b5:88:47:52:40:2d:14:5a:2c:
c9:37:2c:ad:2e:01:3b:b8:9e:99:79:90:a6:c7:f9:
d9:c8:86:e4:0b:69:c0:13:b0:45:97:1e:48:89:e9:
40:b8:91:8d:cf:dd:81:46:ce:99:42:3e:a4:e7:69:
e1:ae:a9:0c:00:44:54:15:a0:ac:fc:b7:93:81:c6:
01:f7:ee:80:bb:39:d9:ae:1e:1d:63:5e:42:7f:4a:
68:8e:ce:6a:05:66:27:b9:08:83:28:67:45:9d:6f:
3e:48:53:e1:f2:8e:e9:3e:52:bd:9e:31:cd:de:a9:
e7:e2:d3:6a:32:f8:1c:3a:20:8a:69:87:f2:6c:30:
82:d1:2c:bd:dc:04:f2:b1:5c:23:60:06:8d:79:41:
84:14:f8:d5:70:6b:a3:53:f5:92:64:09:30:d5:d2:
f2:4b:77:fa:ce:8c:f3:84:54:88:64:78:fa:f0:11:
17:78:91:8a:89:05:af:a3:9c:a8:dd:4e:20:72:6d:
90:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3B:49:C3:D4:01:2B:2A:AC:8C:03:F3:37:48:C8:D4:71:FC:21:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f657fc9-6a6d-4bf2-a08b-37e54c16a3df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
94:af:95:0d:36:ae:56:f2:f0:e2:83:37:fc:bb:d2:99:6f:a9:
51:fb:74:d7:97:44:e2:44:89:c9:68:30:a4:b2:90:1b:9c:e9:
f9:37:12:6e:b2:7a:aa:19:fd:90:6c:9e:15:94:e1:3b:5e:75:
9f:b0:84:8f:d1:15:63:78:e8:5a:89:9a:a2:81:19:f7:d0:22:
ca:f6:8f:d4:b8:99:a4:14:dd:28:f7:9b:5e:84:af:ef:dc:a9:
b8:06:09:ac:a4:67:02:57:41:5e:ef:5d:aa:28:7f:3c:d5:97:
7c:1a:7c:9c:09:e8:7c:b0:65:a2:c5:e5:20:b3:b9:85:0d:c3:
d4:fa:88:9f:94:fb:c8:bf:c3:c1:29:47:43:e9:33:e1:68:7e:
4a:10:db:20:e5:eb:7a:88:95:b1:1c:98:aa:ee:97:a4:9f:d1:
c4:29:1e:a4:bd:e9:9c:c3:44:24:0f:75:54:7a:11:43:41:53:
4f:81:3f:4c:ac:1c:fe:64:9c:50:23:80:f5:4a:9f:a1:4b:59:
b3:03:1a:61:99:c0:90:9e:40:78:f7:a9:91:f0:d5:09:32:0d:
09:26:03:92:73:0e:b7:e5:fa:d8:65:89:e8:bf:bf:8f:00:c3:
bc:a8:22:c2:ad:89:a1:cb:ee:23:79:ab:fd:1a:a1:20:dd:22:
d3:01:a6:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHXc8BBSwzc+rp55HxymQOxAiQv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5NDkxNmE4MzUwOTJhZjgxMDE0MTllOTQ3YjIxNjFjNzJhODhkMzUwZGM0
Yjc1NzA5ZmEyZjMxMzc3MTFmN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQ8dIMqMOQOiF8uAfB89joYN5Wcn7+KXXNezJoXgeeVRFCV3lnr5b1XyPKC
sHWX7T6x3FrBAmY5BKGFicYJXkBotYhHUkAtFFosyTcsrS4BO7iemXmQpsf52ciG
5AtpwBOwRZceSInpQLiRjc/dgUbOmUI+pOdp4a6pDABEVBWgrPy3k4HGAffugLs5
2a4eHWNeQn9KaI7OagVmJ7kIgyhnRZ1vPkhT4fKO6T5SvZ4xzd6p5+LTajL4HDog
immH8mwwgtEsvdwE8rFcI2AGjXlBhBT41XBro1P1kmQJMNXS8kt3+s6M84RUiGR4
+vARF3iRiokFr6OcqN1OIHJtkLMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/O0nD
1AErKqyMA/M3SMjUcfwhvjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY2NTdmYzktNmE2ZC00YmYyLWEwOGItMzdlNTRjMTZhM2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCUr5UNNq5W8vDigzf8u9KZb6lR+3TXl0TiRInJ
aDCkspAbnOn5NxJusnqqGf2QbJ4VlOE7XnWfsISP0RVjeOhaiZqigRn30CLK9o/U
uJmkFN0o95tehK/v3Km4BgmspGcCV0Fe712qKH881Zd8GnycCeh8sGWixeUgs7mF
DcPU+oiflPvIv8PBKUdD6TPhaH5KENsg5et6iJWxHJiq7pekn9HEKR6kvemcw0Qk
D3VUehFDQVNPgT9MrBz+ZJxQI4D1Sp+hS1mzAxphmcCQnkB496mR8NUJMg0JJgOS
cw635frYZYnov7+PAMO8qCLCrYmhy+4jeav9GqEg3SLTAaaR
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:25 2025 by rpki-client